Name: Cyber Notes Cast - What is the role of a CISO during a cyber attack?
Start: 2023-07-03T15:00:00Z
End: 2023-07-03T15:00:09.000Z
Location: BrightTALK
Rating: 5

Futureproof Identity Security.

Segura® (formerly senhasegura) is a leader in Privileged Access Management (PAM), delivering security that's fast, simple, and powerful—without the complexity. Our intuitive, scalable platform simplifies privileged access management, designed for real IT teams dealing with real-world scenarios every day.

Segura® is globally recognized by Gartner, KuppingerCole, and Frost & Sullivan for innovation, reliability, and exceptional customer experience. On Gartner Peer Insights, real users consistently rank our solution as the #1 PAM.

Powerful security, zero time wasted—that's Segura®.


About this Talk


Non-human identities now outnumber human users in most enterprise environments — from service accounts and bots to APIs, machine workloads, containers, and certificates. But while these credentials power automation at scale, they often do so outside of proper governance, monitoring, or visibility.


In this live technical demo, identity experts Rodrigo Haidar, Evandro Gonçalves, and Leonardo Chillemi will walk you through how Segura® closes this critical blind spot with unified identity protection that scales across multi-cloud, DevOps pipelines, and modern IT infrastructures.
Segura® simplifies the complex challenge of managing non-human identity by bringing automation, policy enforcement, lifecycle control, and compliance into a single, integrated platform — in real-time. This is not a theoretical session. You’ll see the platform in action and get real-world insights you can apply immediately.


If your current IAM tools give you incomplete coverage — or if non-human access is slipping through the cracks — this session is built for you.

The Non-Human Identity Blind Spot — Solved by Segura®

Join us for a hands-on session with identity security experts Rodrigo Haidar, Evandro Gonçalves, and Edu Pereira as they walk you through Segura®’s approach to securing identities end-to-end.


When fragmented IAM solutions leave critical gaps, Segura® delivers a unified platform that protects every type of identity — from humans and machines to certificates and APIs — across the full credential lifecycle.


You don’t need more theories. This presentation is a live technical walkthrough of precisely how identity can be secured holistically, with automation, governance, and continuous visibility in a fast-moving, high-risk environment.


See the platform in action and hear practical insights on how to simplify complexity while elevating control, even in multi-cloud, multi-system enterprise settings.

End-to-End Identity - Live Product Demo with Segura®

Join us for an engaging webinar featuring Filipi Pires and Joseph Carson who recently attended the BlackHat and DEFCON conferences in Las Vegas. These events are among the most significant gatherings in cybersecurity, showcasing the latest research, tools, and techniques in the field. Our speakers will share their first-hand insights, highlight groundbreaking presentations, and discuss trends that are shaping the future of cybersecurity, with a business twist for busy CISOs and cybersecurity leaders.

Speakers:

Filipi Pires
Title: Head of Identity Threat Labs
Organization: Segura
Bio: Filipi Pires serves as Head of Identity Threat Labs and Global Product Advocate at Segura®, Director of Red Team Village, Senior Advisor at Raices Cyber Academy, and Founder of the Red Team Community (Brazil and LATAM). He is also an AWS Community Builder, Snyk Ambassador, Application Security Specialist, and an advocate for the cause "Hacking is NOT a crime." Additionally, he is an international speaker at cybersecurity and emerging technology events such as Black Hat and DEF CON. A former university professor, he has also created courses like Malware Analysis - Fundamentals at HackerSec.

Joseph Carson
Chief Security Evangelist & Advisory CISO
Bio: Joseph Carson is a globally recognized cybersecurity expert with over 30 years of experience in enterprise security and infrastructure. He is the author of Cybersecurity for Dummies and host of the Security By Default podcast. A CISSP-certified ethical hacker and government advisor, Carson is known for his practical insights on securing critical infrastructure and educating future cyber leaders.

AI, Exploits & Zero Trust: Key Lessons from Black Hat & DEFCON 2025

In today's complex regulatory environment, adhering to various cybersecurity and data privacy regulations is a challenging yet essential task for organizations. Join us for an insightful round table discussion where industry experts from Segura will delve into identity-centric strategies to simplify and streamline regulatory compliance. We'll explore frameworks such as NIST 2.0, ISO 27001, CIS Controls, and data privacy regulations like GDPR and CCPA. Learn how Privileged Access Management (PAM) plays a critical role in meeting these standards.

Attendees Will Learn:
–How to identify and inventory machine identities across cloud, on-prem, and DevOps pipelines
–The top compliance red flags related to machine accounts and credentials
–Techniques to automate policy enforcement and auditing of machine identities
–How to leverage PAM, secrets management, and CIEM together for stronger governance

Why Machine Identities Are Your Next Compliance Risk

Identity threats often serve as the keystone to many cyberattacks, where the compromise of digital identities can lead to unauthorized account access, identity theft, and fraud. Cybercriminals employ various tactics such as social engineering, phishing, and malware to capture credentials and impersonate legitimate users. Businesses must adopt a strategic approach to identity management, ensuring the robustness and security of identity verification processes to prevent potential breaches effectively.

The implementation of multi-layered identity protection strategies is crucial. These include multi-factor authentication (MFA), behavior-based access controls, and regular audits of access logs to detect anomalies early. Technologies like blockchain and digital identity verification provide next-generation solutions that enhance identity protection. By securing all entry points—including cloud services, on-premises systems, and mobile devices—organizations can significantly minimize risks associated with compromised identities.

Furthermore, a focus on transparency and user education enhances the effectiveness of identity protection strategies. Equipping users with the knowledge to recognize identity threats, such as phishing attempts or unusual login requests, empowers them to act as an active line of defense. Organizations that prioritize user-friendly security features—such as easy-to-use authentication apps and clear communication about security practices—foster a security-conscious culture, thereby strengthening the overall trust and efficacy of identity protection initiatives.

Identity Threats Decoded: Protecting the Core of Digital Security

Cyber threats are continually evolving, with malicious actors developing new methods to penetrate defenses and exploit vulnerabilities. These threats can range from ransomware attacks that lock users out of their systems to complex advanced persistent threats (APTs) that involve long-term, targeted network invasions for data theft and espionage. Understanding the breadth and depth of these threats is crucial, as it allows individuals and businesses to prioritize which risks demand immediate attention and how to allocate resources effectively.

Businesses, in particular, must recognize that cybersecurity is not just an IT issue but a fundamental component of their overall risk management strategy. An attack does not only lead to potential financial losses but can also damage brand reputation and erode customer trust. By conducting regular risk assessments and incorporating cybersecurity into all levels of the organization, businesses can better prepare themselves to face the full spectrum of cyber threats. This entails training employees, deploying the latest security technologies, and ensuring compliance with regulations and standards.

Both individuals and organizations should foster a culture of security consciousness. This involves understanding that cybersecurity is an ongoing process rather than a one-time solution. Continuous education and training on the latest threat vectors, coupled with a proactive approach to security hygiene—such as regular software updates, secure password practices, and awareness of phishing tactics—are essential in reducing risk and vulnerability. Cultivating this awareness helps build a robust defense against the expanding landscape of cyber threats.

Introduction to Cyber Threats: A Primer on Risk and Vulnerability

Are you prepared for the next wave of cyber challenges?

Join senhasegura and Edgeworx for an exclusive webinar where industry experts will unveil critical insights into the evolving cybersecurity landscape and what organizations need to prepare for in 2025.

 In this comprehensive session, our cybersecurity experts will dive deep into three specific trends:
- Insider Threats in the Digital Age
- The growing sophistication of internal security breaches
- Advanced detection and prevention strategies
- Real-world case studies and lessons learned
- Ransomware Evolution
- Next-generation attack vectors and techniques
- Emerging ransomware trends and predictions
- Proactive defense strategies for 2025
- Attacks on Cloud Infrastructure
- Expanded attack surface
- Protecting Clouds Identities from both Users and Machines
- Ensuring security through multiple CSPs

Benefits of Participating:
- Expert predictions for 2025's threat landscape
- Actionable strategies to enhance your security posture
- Live Q&A session with industry experts
- Webinar Presentation "2025 Cybersecurity Challenges"

Webinar Emerging Threats: Cybersecurity Forecast 2025

As technology evolves, so do cyber threats. Join us for a forward-looking webinar on Cybersecurity Trends for 2025, where we explore imminent challenges and innovative solutions in the cybersecurity landscape. Our expert panel will uncover emerging threats, cutting-edge technologies, and strategic approaches that organizations must adopt to stay ahead in the digital race. Stay informed and prepared to protect your digital assets effectively.

Attendees Will Learn:
– Emerging Cyber Threats: Understand the latest cyber threats and attack vectors predicted for 2025.
– Advanced Defense Mechanisms: Explore next-generation cybersecurity technologies and tools.
– Regulatory Changes: Stay updated on upcoming regulatory changes and compliance requirements.
– Best Practices: Learn effective strategies and best practices for robust cybersecurity.

Cybersecurity Challenges of 2025: Uncovering the Role of Digital Identities

Nossa live abordará as principais violações de segurança com vazamento de dados que ocorreram ao longo do ano e suas consequências para as empresas. A intenção é informar sobre os métodos que os cibercriminosos usaram, discutir as falhas de segurança que permitiram esses vazamentos e fornecer orientações práticas sobre como proteger seu negócio contra esses tipos de ameaças.

Tópicos que serão abordados:

- Introdução aos Vazamentos de Dados;
- Os 6 Maiores Vazamentos de Dados em 2024;
- Análise das Falhas de Segurança;
- Métodos Comuns Usados por Cibercriminosos;
- Medidas Proativas de Proteção;
- Planos de Resposta a Incidentes;
- Ferramentas e Recursos.

Quem deve participar?

- Profissionais de TI e Segurança da Informação: Administradores de redes, analistas de segurança e gerentes de TI que buscam aprimorar suas estratégias de segurança cibernética.
- Líderes e Executivos de Negócios: CEOs, CIOs, CISOs e diretores de operações que precisam entender a importância da resiliência digital para a continuidade dos negócios.
- Consultores e Especialistas em Cibersegurança: Profissionais que trabalham com segurança da informação e desejam se manter atualizados sobre as melhores práticas e tendências do setor.

Webinar Os 6 Maiores Vazamentos de Dados em 2024 - Como Proteger seu Negócio  (Webinar em Português)

Transforme a Gestão de Dados da Sua Empresa com Conhecimento de Alta Qualidade!

Participe de nosso webinar exclusivo e mergulhe nas implicações práticas da Lei Geral de Proteção de Dados (LGPD) para empresas como a sua. Este é o evento que você não pode perder se deseja estar na vanguarda da conformidade e segurança da informação, nossos especialistas em cibersegurança, compliance e jurídico irão explorar em profundidade os aspectos mais críticos da lei brasileira de proteção de dados pessoais.

O que você irá aprender:

- Adaptação à LGPD: Passos essenciais para alinhar a sua organização às exigências da legislação;
- Dicas Práticas: Estratégias e melhores práticas para implementar programas eficazes de proteção de dados;
- Tecnologia de Ponta: Saiba sobre as ferramentas mais avançadas para garantir a segurança das informações pessoais.

6 Anos de LGPD: Desafios, Impactos e Transformações na Cibersegurança! Webinar in Portuguese

Dive into the evolving landscape of cybersecurity as we unpack the key discussions and innovations highlighted at BlackHat USA 2024. This webinar offers a comprehensive exploration of how emerging technologies, strategic approaches, and regulatory changes are shaping the field of cybersecurity. Join our panel of experts as they provide valuable insights and forward-looking trends that will inform the strategies and defenses of tomorrow.

What will attendees learn?

- Cutting-Edge Cybersecurity Technologies
- Strategies for Digital Resilience

Understanding the Future of Cybersecurity - Insights from BlackHat USA 2024

In today’s complex regulatory environment, adhering to various cybersecurity and data privacy regulations is a challenging yet essential task for organizations. Join us for an insightful round table discussion where industry experts from senhasegura will delve into identity-centric strategies to simplify and streamline regulatory compliance. We’ll explore frameworks such as NIST 2.0, ISO 27001, CIS Controls, and data privacy regulations like GDPR and CCPA. Learn how Privileged Access Management (PAM) plays a critical role in meeting these standards.
Discover how to navigate regulatory requirements effectively while enhancing your organization’s security posture. Our experienced panelists will share challenges, best practices, and actionable insights to bolster your compliance efforts and business continuity planning.

Attendees Will Learn:
- Key regulatory requirements and how identity management addresses them.
- Insights into NIST 2.0, ISO 27001, CIS Controls, GDPR, and CCPA.
- Practical steps for implementing PAM to ensure compliance.
- Common compliance challenges and best practices for overcoming them.
- How to integrate compliance and cybersecurity into business continuity planning.

Who Should Attend:
- IT Security and Compliance Professionals
- Cybersecurity Analysts and Managers
- Risk Management Officers
- Data Privacy Officers
- IT Auditors and Consultants
- Business Continuity Planners

REGULATORY COMPLIANCE MADE EASY WITH IDENTITY-CENTRIC STRATEGIES

*Webinar in Portuguese*

Não conseguiu estar presencialmente na RSA mas quer estar por dentro do que foi mostrado por lá?! 

Então junte-se a nós para um webinar exclusivo, onde os principais especialistas em cibersegurança da senhasegura trazem insights valiosos diretamente da RSA Conference 2024.
Nesta sessão, exploraremos as tendências mais recentes, inovações e estratégias discutidas em um dos principais eventos de cibersegurança do mundo.

Nossa experiente equipe abordará tópicos-chave, incluindo proteção avançada contra ameaças, o cenário em constante evolução das ameaças cibernéticas, conformidade regulatória e o futuro das tecnologias de cibersegurança. Eles oferecerão conselhos práticos sobre como aplicar esses insights para proteger efetivamente sua organização. 

Se você é um profissional de cibersegurança que busca se manter atualizado, um líder empresarial que busca reforçar as defesas de sua organização, ou simplesmente tem curiosidade sobre o futuro da segurança da informação, este webinar irá equipá-lo com o conhecimento e as estratégias essenciais no cenário cibernético em constante evolução de hoje.

Não perca esta oportunidade de aprender diretamente com especialistas direto da RSA 2024 e participar de uma sessão onde poderá obter respostas para suas perguntas mais urgentes sobre segurança cibernética.

Principais Pontos Abordados:

Compreensão das últimas tendências e inovações em cibersegurança;
Estratégias para aprimorar a resiliência cibernética de sua organização;
Visão sobre o futuro da cibersegurança e como se preparar.

Quem Deve Participar?

- Profissionais de TI e Cibersegurança;
- Executivos de nível C focados em aprimorar a segurança digital;
- Entusiastas de tecnologia;

*Webinar in Portuguese*

RSA 2024 – Insights Estratégicos da senhasegura - Webinar in Portuguese

Join us for an exclusive webinar where senhasegura's top cybersecurity experts bring you invaluable insights fresh from RSA Conference 2024. 

This session will delve into the latest trends, innovations, and strategies discussed at one of the world's premier cybersecurity events.

Our seasoned panel will dissect key topics including advanced threat protection, the ever-changing cyber threat landscape, regulatory compliance, and the future of cybersecurity technologies. They'll offer practical advice on applying these insights to effectively safeguard your organization.

Whether you're a cybersecurity pro looking to stay ahead, a business leader aiming to bolster your organization's defenses, or simply curious about the future of infosec, this webinar will arm you with the knowledge and strategies essential in today's rapidly evolving cyber landscape.

Don't miss this chance to learn directly from RSA 2024 veterans and participate in a session where you can get answers to your most pressing cybersecurity questions.

Key Takeaways:

Understanding the latest cybersecurity trends and innovations;
Strategies for enhancing your organization’s cyber resilience;
Insights into the future of cybersecurity and how to prepare.


Who Should Attend?

- IT and Cybersecurity Professionals;
- C-Level Executives Focused on Enhancing Digital Security;
- Technology Enthusiasts;

RSA 2024 Revealed - Strategic Insights from senhasegura

As cyber threats continue to evolve and pose noteworthy risks to organizations globally, grasping the nuances of the current threat landscape is key to crafting robust cybersecurity tactics. The Verizon Data Breach Investigations Report 2024 provides a detailed analysis rooted in real-world data breaches, offering critical insights into the tactics, techniques, and motivations of attackers.

In our upcoming webinar, senhasegura experts will delve into the notable trends highlighted in the report. This includes a look at newly emerging threat actors, prevalent attack vectors, and the industries most impacted by breaches. We'll break down the advanced techniques used by cybercriminals and pinpoint sectors that are increasingly at risk, deepening your understanding of the ever-changing cybersecurity environment.

Additionally, we will discuss the broader implications of the report's findings for organizations and provide tailored recommendations to enhance your security posture. By determining the root causes of breaches and comprehending their effects, you can proactively spot vulnerabilities within your infrastructure and take effective measures to diminish risks.

Don't miss this opportunity to obtain exclusive insights and expert analysis from the Verizon Data Breach Investigations Report 2024. Join us to keep a step ahead of cyber threats, as we unpack the valuable lessons learned and equip you with actionable strategies to protect your organization's sensitive data.

Unveiling the Verizon Data Breach Investigations Report 2024

Cybersecurity in the Middle East: Protecting Cloud Identities with PAM

In the era of digital transformation, addressing cybersecurity risks is paramount for ensuring business continuity, particularly within the dynamic and expanding cloud environments of the Middle East.

Our webinar explores the pivotal role of Privileged Access Management (PAM) in fortifying cloud identities against threats amidst the evolving digital landscape. With the recent inauguration of Google Cloud's new data centers in Dammam, Saudi Arabia, and the pioneering PAM solutions offered by senhasegura, we stand at a crucial juncture in regional cybersecurity.

Key Takeaways:

- Navigating the Dynamic Cybersecurity Landscape
- The Significance of Google Cloud's Expansion
- Understanding the Vitality of PAM in Cloud Security
- Overcoming Implementation Challenges of PAM
- Selecting the Optimal PAM Provider
- Embracing PAM Solutions in the Middle East

Who Should Attend?

- IT and Cybersecurity Professionals
- C-Level Executives Focused on Enhancing Digital Security
- Cloud Technology Enthusiasts
- Business Owners Seeking Insights into PAM's Role in Cloud Environments

Don't miss this exclusive opportunity to bolster your cybersecurity acumen and stay ahead of the curve.

Webinar Cybersecurity in the Middle East: Protecting Cloud Identities with PAM

In a world where digital security is non-negotiable, join us for a groundbreaking webinar that delves deep into the ever-evolving realm of cybersecurity. 

Our focus? The seamless integration of passwordless authentication methods into Privileged Access Management (PAM) systems.

What You'll Gain Insight Into:

- Fundamentals of Digital Identity and Authentication - Dive into the cybersecurity landscape, unraveling the essentials of digital identity and the evolution of authentication tokens;

- The Rise of Passwordless Authentication - Explore how passwordless solutions are revolutionizing security protocols, striking the perfect balance between enhanced security and user convenience;

- Integrating Passwordless with PAM - Navigate the practical aspects of embedding passwordless authentication into PAM systems, uncovering the benefits and tackling challenges head-on;

- Expert Insights from Industry Leaders - Hear firsthand from our strategic partner, a trailblazer in passwordless authentication technology, as they share their expertise and real-world applications;

- Live Demonstration - Witness real-time demonstrations showcasing the seamless integration of passwordless methods in PAM. Experience the ease of use and heightened security in action.

What's In It for You:

- Understand Emerging Trends and Technologies - Gain insights into the latest happenings in the cybersecurity universe;

- Learn Practical Approaches to Enhance Security - Acquire actionable strategies to fortify your organization's security posture;

- Network with Industry Experts and Peers - Engage with the cybersecurity community, forging valuable connections.

Unlock the Future of Secure Access: Integrating Passwordless into PAM

In an era where cyber threats loom larger than ever, the traditional 'trust but verify' security model is becoming obsolete. Enter Zero Trust – a paradigm shift that redefines organizational cybersecurity. 

But what role does Privileged Access Management (PAM) play in this new framework? 

Join us in this illuminating webinar as we explore the crucial interplay between PAM and Zero Trust.

Why Privileged Access Management is essential to achieve Zero Trust Security

The CISO plays a crucial role in incident management during cyber attacks as they are responsible for implementing containment and eradication measures. However, it is also their role to detect and prevent threats. Learn more in this article about the responsibilities of a CISO during and after a cyber incident.

During a cyber attack, the role of a CISO is crucial. This is because they are responsible for implementing containment and eradication measures in case of threats. However, before an attack occurs, the CISO plays an important role in vulnerability detection and prevention, as well as being prepared to handle crises and incidents.

According to a report by the Ponemon Institute, the cost of preventing a cyber attack can range from $396,000 to over $1 million, depending on the type of threat. Furthermore, the same report states that over 80% of these resources are allocated to remediate incidents, while less than 20% is dedicated to prevention.

In this context, cybersecurity becomes one of the main concerns for organizations, and the CISO plays a fundamental role in protecting the company’s information and reputation.

In this cyber notes cast episode, we will explore in detail the functions of a CISO and the measures this professional can take to defend organizations against cybersecurity threats. To facilitate listening, we will divide our content into the following topics:


1. What are the functions and responsibilities of a CISO?
2. What is the role of a CISO during an incident?
3. What should a CISO do after a data breach?
4. About senhasegura (provide additional details about senhasegura)
5. Conclusion

Enjoy this Cyber Notes Cast episode!

Cyber Notes Cast - What is the role of a CISO during a cyber attack?

CISO

CISO forum

cyberattacks

Cyber Attacks

cyber notes cast

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Cyber Notes Cast - What is the role of a CISO during a cyber attack?

Presented by

About this talk

Futureproof Identity Security: Segura®